Secure Computing SafeWord uses vulnerable ssh server

[Leif Nixon <nixon () softlab ericsson se>]

Secure Computing's SafeWord PremierAccess product (earlier known as
SafeWord Plus) is an access control system capable of using several
different authentication mechanisms for controlling access to 
network resources. The most used mechanism is one time passwords,
generated by hardware or software authenticators, similar to SecureID's
token based authentication.

The SafeWord system consists of a central authentication server that
uses a proprietary protocol to communicate with different
authentication agents. Secure Computing provides many kinds of such
agents, including web server plug-ins, PAM libraries and a RADIUS
server that can proxy RADIUS authentication requests to the SafeWord
server.

One of the provided agents is an ssh server that has been modified to
authenticate users by sending authentication requests on to the
SafeWord server, using the proprietary protocol.

The distribution of this ssh server consists of the slightly modified
source of SSH.com's ssh 1.2.27, along with libraries (in binary form)
for communicating with the SafeWord server. (As a side note, I suspect
this constitutes a license violation, since Secure Computing is
distributing the source in a modified form, rather than distributing
the pristine source along with a set of patches. IANAL, though.)

This ssh server is vulnerable to the by now well-known CRC-32
compensation attack detector vulnerability, described in CERT incident
note IN-2001-12 (http://www.cert.org/incident_notes/IN-2001-12.html).

I would urge all users of this ssh server, called SafeWord Agent for
SSH, to either replace it with OpenSSH and use the SafeWord PAM
libraries for authentication, or to carry over Secure Computing's
modifications of the ssh 1.2.27 sources to ssh 1.2.32, which is not
vulnerable. This later operation is rather trivial. Please note,
though, that ssh 1.x is officially deprecated by SSH.com.

Secure Computing was contacted about this vulnerability on Nov 10,
2001 (ticket #42085). Their support department was helpful in working
out the details with me, and the information "was passed along to the
development team for their consideration". Then nothing
happened. Despite further contact on Nov 20, urging the seriousness of
the vulnerability, Secure Computing has taken no action, has issued no
advisory, and are still distributing the vulnerable ssh server from
their web site.

Since this vulnerability is being actively exploited on the Internet,
in what appears to be a large scale manner, I have decided to take
this to the public.

-- 
Leif Nixon      Network security       Ericsson SoftLab AB
----------------------------------------------------------
E-mail: nixon () softlab ericsson se   Phone: +46 13 23 57 61
----------------------------------------------------------